Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240508-en -
resource tags
arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system -
submitted
03-07-2024 07:45
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
Renz Client.exe
Resource
win7-20240508-en
windows7-x64
2 signatures
600 seconds
General
-
Target
Renz Client.exe
-
Size
950KB
-
MD5
d558d404080f9d44ce440d6783140f54
-
SHA1
614b2ef8b9ae235281361033263f3c105b0fa250
-
SHA256
28d1fde37c29dffc998ae4b22da6fe8dababe746b440aa17cdae45a6372ab16c
-
SHA512
f732bbb2c0644797509905e56aff2d7840af7fd190818531d2d7ba61c10e2f97eb9c0825e4c8d9b64035bfba39de072f5389b5ffa1d972c4316096958f05033e
-
SSDEEP
24576:5KdodQCtwExZxOFyyUF73GE7mRSSUQH5np1eOURJ8sGUM:dwExZxOFVXMmR9rnfEYsnM
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
Processes:
WerFault.exepid pid_target process target process 2956 2188 WerFault.exe Renz Client.exe -
Suspicious use of WriteProcessMemory 4 IoCs
Processes:
Renz Client.exedescription pid process target process PID 2188 wrote to memory of 2956 2188 Renz Client.exe WerFault.exe PID 2188 wrote to memory of 2956 2188 Renz Client.exe WerFault.exe PID 2188 wrote to memory of 2956 2188 Renz Client.exe WerFault.exe PID 2188 wrote to memory of 2956 2188 Renz Client.exe WerFault.exe
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2188-0-0x00000000000B0000-0x00000000000B1000-memory.dmpFilesize
4KB